Supply chain management encounters significant challenges related to the integrity of computing devices, particularly with respect to those devices manufactured internationally. For example, a domestic original equipment manufacturer (OEM) may design a particular system, but the components may be procured, manufactured, and/or assembled into the designed system in large factories overseas, (e.g., by an original device manufacturer (ODM)). At various points in a traditional supply chain, the components to be used in the system may be swapped for inferior and/or malicious components. For example, a component required by the design specification may be exchanged by an ODM during the manufacturing process for a counterfeit inferior component to save costs associated with the manufacture of the system. Alternatively, the ODM may replace a component with another component having an overt flaw that may be exploited for malicious purposes (e.g., dual-ported memory, a network interface card with a back-channel interface, etc.).
Accordingly, there are numerous concerns with regard to the provenance of the components included in the manufactured system. Those concerns may be further magnified in circumstances in which multiple ODMs and/or other contractors are utilized for the manufacture of the system. For example, various components of the system may be manufactured in China, United States, and Japan and the system may be partially assembled in mainland China prior to being shipped to Brazil, where the assembly process may be completed. As such, if a counterfeit component is identified, it may even be difficult to identify the point in the manufacturing supply chain at which the fraud occurred. Additionally, in some cases, various components may be removed from a computing device and replaced by inferior components after the device leaves the supply chain (e.g., by a customer prior to returning a product for a refund).